I'm honestly somewhat concerned for this user's memory.
Posted by gamermanj4@reddit | talesfromtechsupport | View on Reddit | 33 comments
Got a pretty good one today that I am not convinced is over, but I expect it to just be more of the same.
I'll start by saying our company does not have a VPN, I'm not in love with that fact as it does in part create todays issue, but that's not my choice, and other users don't struggle like this, so whatever.
Of course this means that if you forget your password, we can't help you get into the company laptop, the local account is a domain account, but at home you can't connect to the domain because no VPN.
The few users we have who exclusively work from home, just deal with it, and do a really good job of not getting stuck out of their local account, production apps are on RDP session anyway so some even use personal devices.
But this user does not work from home regularly, they've just been having some sort of temporary difficulty getting to the office. And of course they forget their password, this was yesterday, they have a personal device they can use, somehow I get them logged into RDP there, they seem to reset their password just fine, have them log out and back in to confirm, don't hear from them for a while.
Later on my coworker speaks to them, they're going to be coming into the office today to connect to the Wi-Fi and fix their local account, they were able to get a ride or something.
I help them again when they arrive, somehow their Wi-Fi drivers are just gone, can't see even the option no matter how many times it's rebooted, strange, as when in the office, we use Wi-Fi a lot, so they should have noticed this issue themselves sooner, but whatever, plug in ethernet and install new Wi-Fi drivers, that's all sorted.
User "Now which password do I use, *generic from yesterday* ?"
Me "No it should be the password you set yesterday after that, you were able to reset when you were on the phone with me yesterday, right?"
User *Shrugs*
Me "So when I as the last thing had you log out of and back into the RDP session, did you use the same password I gave you or did you use the one you entered when looking at the password reset screen?
User *Shrugs harder and stammers*
Me "Ok never-mind, let's just have you re-reset it now"
Reset to generic again, tell them what it is, they log into the PC, they reset their password again, and finally I have them switch to the guest network so RDP prompts them to enter PW (doesn't do this if on domain) that all works fine so I have them reboot and relog into everything once more just to make sure, and send them on their way.
Not even 3 hours later my coworker hears from them again, they have somehow again forgotten the password they just made.....
And they want to know if anyone will be in the office past 5 to help them again, on a Friday......
I have to feel like it's some kind of work avoidance thing but also this user is notorious for being astoundingly problematic so I have no idea.
AnDanDan@reddit
No VPN and production is on RDP? Are they just RDPing to open machines over the net? Jesus.
maroongrad@reddit
Help them with a password they cannot easily forget. Dontforget! Maybe the year, and their middle name, then the number of letters in their middle name, and the sign above the letters: 2025Albert6\^
Year, middle name. Number, symbol. It won't fix stupid but with luck it'll make it easier to remember. At the very least, Albert6\^ is nice and simple, 8 characters, uppercase, lowercase, symbol, number.
gamermanj4@reddit (OP)
You say this as if we haven't tried this the last 30 time's getting her password to "stick" is a multi-day event.
tehWoody@reddit
Could they not use a password manager instead? Plenty of free open source ones around like Bitwarden.
gotohelenwaite@reddit
Forgive my ignorance, as I've never used a password manager, but don't you need a password for the password manager? If not, please school me, I embrace learning.
tehWoody@reddit
You do, but it's a single one to remember rather than hundreds these days. It does take a bit of effort to remember that one good password (mine's something silly like 40 characters but you don't have to go that far).
Once you know that one good password by heart, you have access to everything else and changing other passwords is not a big hassle as you don't need to remember them.
gotohelenwaite@reddit
Thank you for a very informative and non-judgemental response. I'll seriously consider this for future password requirements.
Upvoting for your informative response and civility.
maroongrad@reddit
Works with my students. In their case, it's a word they all use, the first letter of the website, and then it depends on year. Juniors would be gTheWord3#. Having it be his middle name and having the pattern may be what it takes...at least it means no looking it up, again, and resetting it, again, for you.
Krashlandon@reddit
My brother in Christ, get thou an MDM.
StuBidasol@reddit
Sounds a bit like weaponized incompetence.
Plus_Drawing3818@reddit
The one who wrote your IT policies is the real culprit here. Nauseating incompetence on display.
Geminii27@reddit
This is why password resets need to be able to be triggered by people's managers.
It's not an IT issue. Nothing is broken or needs configuring. This is purely a business issue regarding the business allowing an employee to have access to a business resource.
It's amazing how much magically better user memories get when they have to admit to their own manager every time that they can't remember their password, and can no longer pin their lack of work on "IT is fixing something" or "IT says they won't help".
Gadgetman_1@reddit
We have a webpage accessible from the internet...
Sounds crazy, but first you need to know that user's username, then you need his 2FO (usually BankID) and his cell-phone.
demideity@reddit
Or perhaps, this user could be suffering from an intermittent Id 10t error.
Transmutagen@reddit
Sounds like you have a PEBKAC: Problem Exists Between Keyboard And Chair.
joe_attaboy@reddit
When I was in the Navy, I worked on aircraft that trained student pilots. When something "broke" on their plane, they would write up the problem for our shops. I would frequently discover that the problem wasn't a problem, but rather that they did something wrong.
We would sign off the maintenance as "replaced nut behind control stick."
Z4-Driver@reddit
OSI Layer 8
TimTowtiddy@reddit
I prefer WOMBAT.
Waste Of Money, Brains, And Time.
maroongrad@reddit
not sure how intermittent it is...
flecktonesfan@reddit
Yeah, sounds fairly persistent and the user can reproduce it at will...
Sciuruzz@reddit
Indeed a “PICNIC” situation here
Vektor0@reddit
I'm going to guess your organization requires pretty complex passwords. Possibly to mitigate risks from having RDP openly-accessible over the internet and not having a VPN available.
This is exactly why cybersecurity standards discourage overly-complex password requirements and frequent changes: users are likely to make up a password that is difficult to remember, so they forget it -- or worse, write it down on a sticky note.
Whoever is responsible for your organization's IT infrastructure and/or budget is the real idiot here. If you had a decent VPN, this wouldn't be an issue. Your organization is wasting a ton of time and resources on fixing avoidable user errors, and getting pwned is probably only a matter of when, not if.
Unique_Anywhere5735@reddit
My company has ridiculous password requirements on a 90-day cycle because they sometimes contract with the Feds, and they think it makes them look good. Fortunately, we can use a pin most times, and as a remote worker, I'm encouraged to write my password down in a safe place. We used to have to go into an office to change the password, which was a colossal pain in the ass if you were on a federal deployment. More recently, they came up with an easy way to do it online. I guess what I'm trying to say is that this person is either an idiot or seriously in the grip of cognitive decline.
duke78@reddit
Writing it down on a sticky note isn't too bad if that note is in their wallet instead of sticking to somewhere that others will find it.
Loko8765@reddit
Document, document, document. Cover Your Ass.
I bet the user told their manager that they couldn’t work because IT wasn’t able to help them.
emax4@reddit
Better yet, contact the manager or physically go to them to let him or her know about the forgetfulness, then ask if this is a frequent occurrence. If yes, this may be a good time to have the user re-evaluated for general computer usage to see what they need help with. If no, start a new ticket with nothing but tallies on how frequent it happens.
duranfan@reddit
Ha! I have had people who are so chaotically busy they forget their new passwords within mere seconds of setting them…
Fatefire@reddit
It's a work avoidance thing lol
harrywwc@reddit
remember the "three d's" - document, document, document.
there will come a time (soon) when they will be called to account by their manager, and their response will be "it's all IT's fault - they couldn't / wouldn't help me. (boo hoo)"
at this point you should be able to bring out the ~~cya~~ documentation and show said manager that IT has indeed been helping them, with the same issue, several times a day, and they are still getting it 'wrong'.
KelemvorSparkyfox@reddit
Used to have a senior manager whose main skill was burning through soft power. She definitely wasn't technical, despite having been poached from a technical role at a supplier. I once had to reset her password to the financials ERPS twice in the same day. What makes this more impressive is that she was in the office for this. On such days, she was in by the crack of noon, and left no sooner than 15:30...
Tomme599@reddit
Some people weaponise incompetence.
K1yco@reddit
I'll have customers who forget the email address they used when they placed a request, and then reach out to us under a different email asking us why they didn't get the email.
Chocolate_Bourbon@reddit
Maybe incipient senility they are trying to mask as general incompetence?